Advances in information and communication technologies are expected to bring large benefits in the healthcare domain: the introduction of interoperable Electronic Health Record (EHR) systems can reduce the cost of the healthcare system and enhance the overall quality of treatment, whereas Remote Patient Management (RPM) services will limit the time a patient stays in hospital. Nevertheless, to date EHRs and RPMs are used only on a rather small scale. Besides problems with the integration of different systems and logistic issues, concerns about information security and privacy are primary reasons for the lack of deployed systems. For example, EHR systems face strict security and privacy regulations (such as EU Directive 95/46 or HIPAA in the US) with which they have to comply.
Modern healthcare communication architectures tend to be open, interconnected environments: sensitive patient records no longer reside on mainframes physically isolated within a healthcare provider, where physical security measures can be taken to defend the data and the system. Instead, patient files are kept in an environment where data is outsourced to, or processed on, partially untrusted servers in order to allow de-centralized access for family doctors, medical specialists and even non-medical care providers. The currently employed server-centric protection model, which locks the data in a database server and uses a traditional access control model to permit access to it, cannot efficiently deal with the requirements of the new healthcare infrastructures.
In order to allow sharing of records among different healthcare providers or with external parties, end-to-end security techniques facilitating data-centric protection can be employed: data is cryptographically protected and may be outsourced or even float freely on the network. Rather than relying on the different networks to provide confidentiality, integrity and authenticity, data is protected at the end points of the communication. This can be achieved by applying rights management technologies: digital rights management (DRM) in the domain of consumer electronics and enterprise rights management (ERM) in the business domain. In such systems, published DRM-protected data is encrypted, and a license server only issues licenses to requesting users if they hold sufficient rights to access the data. However, a particular problem that is not solved by this technology is guaranteeing instantaneous access to electronic patient records in an emergency, irrespective of the employed protection model. Although such DRM/ERM systems reliably grant access to healthcare data only to requestors who hold all the necessary access rights, they cannot handle emergency situations that require an exception to the system's normal behaviour, e.g. where a healthcare provider needs immediate access to medical data.
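As an added illustration that is not from the paper, the following Python models the data-centric protection described above: a record is encrypted and published as an opaque blob that can be outsourced freely, and a license server hands out the content key only to requestors holding the rights, so an emergency request from an unlicensed physician is simply denied. The `LicenseServer`, `ProtectedRecord`, record ids and user names are constructed for this example, and the HMAC-based stream cipher is a stand-in for a real authenticated cipher.

```python
import hashlib
import hmac
import secrets
from collections import namedtuple

# Opaque blob that may be outsourced or float freely: useless without a licence.
ProtectedRecord = namedtuple("ProtectedRecord", "record_id nonce ciphertext")


def _keystream_xor(key, nonce, data):
    # Stand-in stream cipher: HMAC-SHA256 counter keystream XORed onto the data.
    # Illustrative only; a deployment would use an AEAD such as AES-GCM.
    # The same call encrypts and decrypts.
    out = bytearray()
    for offset in range(0, len(data), 32):
        block = hmac.new(key, nonce + offset.to_bytes(4, "big"), hashlib.sha256).digest()
        out.extend(a ^ b for a, b in zip(data[offset:offset + 32], block))
    return bytes(out)


class LicenseServer:
    # Holds content keys and the rights table; the outsourced copy never passes through it.
    def __init__(self):
        self._keys = {}      # record_id -> content key
        self._readers = {}   # record_id -> set of user ids with read rights
        self.audit = []      # (user, record_id, emergency_flag, granted)

    def publish(self, record_id, plaintext, readers):
        key, nonce = secrets.token_bytes(32), secrets.token_bytes(12)
        self._keys[record_id], self._readers[record_id] = key, set(readers)
        return ProtectedRecord(record_id, nonce, _keystream_xor(key, nonce, plaintext))

    def request_license(self, user, record_id, emergency=False):
        # Plain DRM rule: the licence (here simply the content key) is issued only to a
        # requestor with sufficient rights. The emergency flag is logged but changes
        # nothing, which is exactly the gap the text points out.
        allowed = user in self._readers.get(record_id, set())
        self.audit.append((user, record_id, emergency, allowed))
        return self._keys[record_id] if allowed else None


def open_record(record, license_key):
    return _keystream_xor(license_key, record.nonce, record.ciphertext)


def demo():
    # Constructed scenario: the family doctor holds rights, the ER physician does not.
    server = LicenseServer()
    record = server.publish("ehr-0001", b"blood group O-, allergic to penicillin", {"dr_family"})
    routine = open_record(record, server.request_license("dr_family", "ehr-0001"))
    emergency = server.request_license("dr_er", "ehr-0001", emergency=True)
    return record, routine, emergency
```

The audit list shows the denied emergency request, but nothing in the plain model can turn that log entry into access; that is the exception path the rest of the paper has to provide.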